Senior Cybersecurity Engineer

at  Qualifacts Systems Inc

Job Description:
Qualifacts is a leading provider of behavioral health software and SaaS solutions for clinical productivity, compliance and state reporting, billing, and business intelligence. Its mission is to be an innovative and trusted technology and end-to-end solutions partner, enabling exceptional outcomes for its customers and those they serve. Qualifacts’ comprehensive portfolio, including the CareLogic®, Credible™, and InSync® EHR (Electronic Health Records) platforms, spans and serves the entire behavioral health, rehabilitative, and human services market supporting non-profit Certified Community Behavioral Health Clinics (CCBHC) as well as for-profit large enterprise and small business providers. Qualifacts has a loyal customer base, with more than 2,500 customers representing 75,000 providers serving more than 6 million patients. Qualifacts was recognized in the 2022 and 2023 Best in KLAS: Software and Services report as having the top ranked Behavioral Health EHR solutions.
We follow a hybrid model, so employees are expected to be in the office 2 days per week.
The Opportunity:
The individual in this position will work to secure Qualifacts applications and infrastructure from external and internal threats; implement third-party tools to assist in the detection, prevention and analysis of security threats. S/he will be responsible for installation, administration and monitoring of security products to enable vulnerability detection, intrusion detection, firewalls, identity and access management, security event monitoring, incident management, end-point protection and more. This position is responsible for maintaining threat detection programs and is a direct liaison with our third party Security Operations Center (SOC). This candidate must have a strong understanding of operating systems, networking, web applications, and databases in addition to security specific technologies. Candidates should have familiarity with host and network security hardening, networking protocols, common intrusion techniques, and risk management concepts.

Your Responsibilities:

• Maintains existing security tools, including, but not limited to Firewalls, Security Information and Event Management (SIEM), vulnerability scanning tools, e-mail gateways/spam filters, File Integrity Monitors (FIM), Identity and Access Management, and anti-virus/malware.
• Evaluate new products and strategies, and make recommendations for improvements where possible.
• Monitors system logs and alerts and provide first level Incident Response in determining the severity of alerts and escalating them to management (in conjunction with third party Security Operations Center (SOC)
• Works as part of an Incident Response Team to respond to, assess, and remediate security incidents as needed.
• Instrumental in involvement in complex IT security projects in designing or maintaining a vulnerability management program, by working closely with other operational teams.
• Monitors network configuration and administration including VLANs, ACLs, switches, routers, ISPs and firewalls (i.e. Cisco, Fortigate, etc.)
• Ensures new emerging systems are being deployed in accordance with current recommended Information Security best practices
• Conducts and coordinates tests across a variety of enterprise platforms to guarantee proper stability of systems
• Serves as a technical point of contact for assessing and analyzing all enterprise client systems, hardware, and software security issues
• Provides the highest level of back-end support by identifying, prioritizing, and determining a solution for reported customer issues and problems.

Qualifications:

• 5+ years of security related experience with implementing and managing and various security monitoring and threat detection tools.
• 5+ years experience administering and applying security controls in production, test and development environments in a complex, heterogeneous, cross-platform environment
• 3+ years of combined IT and application, operating system, or database security work
• 2+ years experience in monitoring and securing of cloud environments such as AWS and Azure
• Strong knowledge and management of the following is required: Internal/External vulnerability scanning, penetration testing, IT auditing, firewalls (e.g.) Fortigate, IDS/IPS, DNS, anti-virus, VLAN, VPN, SIEM, etc.
• Knowledge and management of Password Management Platforms, Encryption Platforms, Secure Monitoring/Reporting and SSO/Multi-Factor platforms
• Proficient in securely managing Microsoft Windows, Windows Server, Redhat, CentOS, Ubuntu
• Knowledge of virtualization technologies such as VMware, KVM, or similar Hypervisors.
• Strong knowledge in following web technologies: OpenStack, Openshift and other Cloud computing platforms/microservices
• Experience in securing cloud environments (e.g. AWS)
• Experience with implementing and maintaining Identity & Access Management (IAM) solutions
• Experience Security Incident Response Handling and Incident Forensic Analysis

Preferred:

• Security+, Network+, Linux+, Certified Information Systems Security Professional (CISSP), Redhat Certified Systems Administrator (RHCSA)/RedHat Certified Engineer (RHCE), Linux+, Certified Ethical Hacker (CEH), Licensed Penetration Tester (LPT)
• 3+ years working with or on a Security Operations Center(SOC) and Incident Response team
• 2+ years experience with web technologies such as OpenStack, Openshift, or other Cloud computing platforms and microservices
• Experience in maintaining an Active Directory environment of 500+ users, 1300+ computers
• Office 365 (E3 or E5 Suite)
• Experiance with Enterprise DLP tools
• Experience with Bomgar/BeyondTrust remote access management for privileged Admin access and monitoring.
• Experience with Identity and Access Management (IAM) solutions
• Ability to identify opportunities for automation of security solutions
• Ability to take part in an on-call rotation for after-hours support.

What we offer you:

• Economic bonus and merit review.
• Full Health Insurance (EPS and oncologic) for you and your direct dependents.
• Fully paid English lessons.
• All legal benefits (CTS, 30-day paid vacation per year, life insurance, etc.).

Qualifacts is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, gender, age, disability, etc.
Qualifacts is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees

• Maintains existing security tools, including, but not limited to Firewalls, Security Information and Event Management (SIEM), vulnerability scanning tools, e-mail gateways/spam filters, File Integrity Monitors (FIM), Identity and Access Management, and anti-virus/malware.
• Evaluate new products and strategies, and make recommendations for improvements where possible.
• Monitors system logs and alerts and provide first level Incident Response in determining the severity of alerts and escalating them to management (in conjunction with third party Security Operations Center (SOC)
• Works as part of an Incident Response Team to respond to, assess, and remediate security incidents as needed.
• Instrumental in involvement in complex IT security projects in designing or maintaining a vulnerability management program, by working closely with other operational teams.
• Monitors network configuration and administration including VLANs, ACLs, switches, routers, ISPs and firewalls (i.e. Cisco, Fortigate, etc.)
• Ensures new emerging systems are being deployed in accordance with current recommended Information Security best practices
• Conducts and coordinates tests across a variety of enterprise platforms to guarantee proper stability of systems
• Serves as a technical point of contact for assessing and analyzing all enterprise client systems, hardware, and software security issues
• Provides the highest level of back-end support by identifying, prioritizing, and determining a solution for reported customer issues and problems